Showing posts sorted by date for query encrypted. Sort by relevance Show all posts
Showing posts sorted by date for query encrypted. Sort by relevance Show all posts

Implementing Intrusion (Cyber) Kill Chain -A Plenary Overview

Posted by Avik Sarkar On 2/10/2014 01:49:00 am

Implementing an Intrusion (Cyber) Kill Chain 

The Intrusion (Cyber) Kill Chain is a phrase popularized by infosec industry professionals and introduced in a Lockheed Martin Corporation paper titled; “ Intelligence Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains”. 
The intrusion kill chain model is derived from a military model describing the phases of an attack. The phases of the military model are: find, fix, track, target, engage, and assess. The analyses of these phases are used to pinpoint gaps in capability and prioritize the development of needed systems. The first phase in this military model is to decide on a target (find). Second, once the target is decided you set about to locate it (fix). Next, you would surveill to gather intelligence (track). Once you have enough information, you decide the best way to realize your objective (target) and then implement your strategy (engage). And finally, you analyze what went wrong and what went right (assess) so that adjustments can be made in future attacks.
Lockheed Martin analysts began by mapping the phases of cyber attacks. The mapping focused on specific types of attacks, Advanced Persistent Threats (APTs) - The adversary/intruder gets into your network and stays for years– sending information, usually encrypted – to collection sites without being detected. Since the intruder spent so much time in the network, analysts were able to gather data about what was happening. Analysts could then sift through the data and begin grouping it into the military attack model phases. Analysts soon realized that while there were predictable phases in cyber attacks, the phases were slightly different from the military model.  The intrusion (cyber) kill chain shown below, describe the phases of a cyber attack.
The chain of events or activities are as follows:
  

Link in the Chain
Description
1.  Reconnaissance
Research, identification and selection of targets- scraping websites for information on companies and their employees in order to select targets.
2.  Weaponization
Most often, a Trojan with an exploit embedded in documents, photos, etc.
3.  Delivery
Transmission of the weapon (document with an embedded exploit) to the targeted environment.  According to Lockheed Martin's Computer Incident Response Team (LM-CIRT), the most prevalent delivery methods are email attachments,websites, and USB removable media.
4.  Exploitation
After the weapon is delivered, the intruder's code is triggered to exploit an operating system or application vulnerability, to make use of an operating system's auto execute feature or exploit the users themselves.
5.  Installation
Along with the exploit the weapon installs a remote access Trojan and/or a backdoor that allows the intruder to maintain presence in the environment
6.  Command and Control
Intruders establish a connection to an outside collection server from compromised systems and gain 'hands on the keyboard' control of the target's compromised network/systems/applications.
7.  Actions on Objective
After progressing through the previous 6 phases, the intruder takes action to achieve their objective.  The most common objectives are:  data extraction, disruption of the network, and/or use of the target's network as a hop point.
Lockheed Martin's analysts also discovered while mapping the intruder's activities, that a break (kill) in any one link in the chain would cause the intrusion to fail in its objective. This is one of the major benefits of the intrusion kill chain framework as security professionals have traditionally taken a defensive approach when it comes to incident response. This means that intrusions can be dealt with offensively too.
Lockheed Martin's case studies reveal that knowledge about previous intrusions and how they were accomplished allow analysts to recognize those previously used tactics and exploits in current attacks.  For example, mapping of three intrusions revealed that all three were delivered via email, all three used  very similar encryption, all three used the same installation program and connected to the same outside collection site. All of the intrusions were stopped before they accomplished their objective.
How did they do this? How can my company utilize this approach?
Monitoring and mapping is the key.
The following list contains some of the necessary components (not in any particular order) needed to do intrusion mapping and setting up the kill.
·         Network Intrusion Detection (NIDS)
·         Network Intrusion Prevention (NIPS)
·         Host Intrusion Detection (HIDS)
·         Firewall access control lists (ACL)
·         Full packet inspection
·         A mature IT asset management system
·         A mature and comprehensive Configuration Management Database (CMDB)
·         Device and system hardening
·         Secure configurations baselines
·         Website inspection
·         Honeypots
·         Anti-virus and anti-malware
·         Verbose logging – network devices, servers, databases, and applications
·         Log correlation
·         Alerting
·         Patching
·         Email and FTP inspection and filtering
·         Network tracing tools
·         Information Security staff trained in tracking and mapping events end-to-end
·         Coordination and partnering with IT, Application Owners, Database Administrators, Business Units and Management both in investigation and communicating the mapped intrusions.

In short, in order to implement intrusion kill chain activity a company needs to have a mature inter-operating and information security program. Additionally, they need trained staff that can investigate, map and advise 'kill' activities, keep a compendium of mapped intrusions, analyze and compare old and new intruder activity, code use, and delivery methods to thwart current and future intrusions.
The intrusion (cyber) kill chain is not an endeavor that can be successfully implemented in place of a comprehensive Information Security Program, it’s another tool to be used to protect the company's data assets.
The good news is if your company doesn't have a mature information security program there is a lot you can do while making plans to introduce an intrusion kill chains in your department's arsenal.
·         Educate your employees to watch for suspicious emails. For instance, emails that seem to be off – such as, someone in accounting receiving an invitation to attend a marketing conference. Let them know that they shouldn't open attachments included in email like this.
·         Make sure you have anti-virus and anti-malware software installed and up to date.
·         Start an inventory of your computing devices, laptops, desktops, tablets, smartphones, network devices and security devices.
·         You have an advantage over intruders. You know your network and what is normal and usual, they don't.  Notice user behavior that is not usual and look into it.  For example, a login at 2am for someone who works 9 to 5. Or an application process that normally runs overnight that is kicking off during the day.
·         Keep your security patches up to date.
·         Create and monitor baseline configurations.
·         Write, publish and communicate information security policies and company standards.
·         Turn on logging and start collecting and keeping logs. Start with network devices and firewalls and then add servers and databases.  Set up alerts for things such as repeated attempts at access.
·         Spend some time using search engines from outside your network to see how much information can be learned about your company from the Internet.  You'd be surprised how much you can find including sensitive documents.

All of these practices and activities give you more information about your computing environment and what is normal and usual. The more you know about your environment, the more likely it is that you will spot the intruder before any damage is done.

Disclaimer:- Before conclusion, on behalf of Team VOGH, I would like to personally thank Mr. Adrian Stolarski for sharing this remarkable article with our readers. I would also like to thank Ryan Fahey  of Infosec Institute for his spontaneous effort. 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Washington Post Server Breached! Chinese Hackers Apprehend For This Cyber Attack

Posted by Avik Sarkar On 12/20/2013 12:55:00 am

The Washington Post Server Hacked! Suspected That Chinese Hackers Are Behind This Cyber Attack 
Last week the story of Chinese eavesdropping on European ministries and diplomats at G20 summit draws the attention of the entire cyber world and made headlines. Yet again another breathtaking issue came in-front where also China found responsible for security breach that effected The Washington Post - the most widely circulated newspaper published in Washington, D.C. Sources reveled that hackers broke into The Washington Post’s servers and gained access to employee user names and passwordsMandiant, a cyber security contractor that monitors The Washington Post’s networks, said the intrusion was of relatively short duration. The extent of the loss of company data was not immediately clear, still the matter of relief is that the company passwords are stored in encrypted form, hackers in some cases have shown the ability to decode such information. although to avoid any further mishap Washington Post have planned to ask all employees to change their user names and passwords on the assumption that many or all of them may have been compromised. Officials at Washington Post said that they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to The Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers. Post officials found that this hack is more-recent than the 2011 one. They also said, began with an intrusion into a server used by The Post’s foreign staff but eventually spread to other company servers before being discovered. “This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti. 
China not only targeted Washington Post,  If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile news organization of U.S. including New York TimesNBC and so on. So far Chinese Government have not responded to this issue, also none of Chinese hacker community take the responsibility of this breach. For upcoming updates on this story stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA

Posted by Avik Sarkar On 11/30/2013 03:33:00 am

Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA & Other Govt Agencies 
Last month a untold and sensational story came to light, when the whistle blowers Edward Snowden unveiled one of the top secret program of NSA called called “Muscular” Former NSA contractor Snowden himself disclosed that the National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world in order to collect and snoop the private data of millions of internet users. NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. Both Yahoo & Google said that they had never gave access to nay Govt agency to their data centers. Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.” Google’s chief legal officer, David Drummond said “We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” 

 But the matter of fact is that NSA has indeed sniffed the personal & private communication of million internet users of tech giants like Yahoo and Google. To get rid of this kind of privacy breach, now the tech giants who hold the personal record and credential of mass, are tightening and enhancing their existing security system. According to Marissa Mayer, CEO of Yahoo "We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it." Yahoo also says it will encrypt all information moving between its data centers by the end of the first quarter, and it will work on getting international partners to enable HTTPS encryption in Yahoo-branded Mail services.Yahoo says it will give users an option to encrypt all data flow to and from Yahoo. "Yahoo has never given access to our data centers to the NSA or to any other government agency ever. There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014." added Marissa Mayer.

Not only Yahoo, but the social networking giant Twitter, who have registered users of almost 550 million with an active user of 250 million across the globe has also taken immediate steps after this breathtaking story of spying by NSA get the spot light. Twitter is implementing new security measures that should make it much more difficult for anyone to eavesdrop on communications between its servers and users. The entire security mechanism has been taken to tighten the data privacy of its users. According to a blog post of twitter the company has implemented "perfect forward secrecy" on its Web and mobile platforms, which made eavesdropping almost impossible. "As part of our continuing effort to keep our users’ information as secure as possible, we’re happy to announce that we recently enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic." -said the blog post.

While talking about Muscular program of NSA, we would also like to remind you that couple weeks ago we came to know about 'Royal Concierge' another secret program of GCHQ & NSA to spy foreign diplomats through hotel bookings uncovered by Edward Snowden.

-Source (CIO & PC World) 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cupid Media Network Breach Exposes 42 Million Passwords in Plain Text

Posted by Avik Sarkar On 11/30/2013 03:30:00 am

Cupid Media Network Breach Exposes 42 Million Passwords in Plain Text (Uunencrypted)

Cupid Media one of the leading niche online dating network that have more than 35 large online dating website, faced a massive intrusion that effects more than 42 million of its registered users. From an exclusive report of Kerbs On Security we came to know that the breach was taken earlier in this year. Where the hackers managed to gain access into the crucial servers belongings to Cupid Media network. According to the managing director of Cupid Media, Mr Andrew Bolton - "In January we detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts.” After a preliminary investigation it has been found that the purloined database of Australia-based niche dating service Cupid Media was found on the same server where hackers had amassed tens of millions of records stolen from AdobeMore than 42 million peoples' unencrypted names, dates of birth, email addresses and passwords have been found from the pinched database. I am very much wearied to see that a high value site like Cupid is unconcerned about the basic security counter measure. Even their confidential tables remained unencrypted which allows the hacker to gain the personal information in plain text. Like the Cupid Media security team, the registered users also found very much inadvertent and unaware of basic security measures. I am saying this because of the leaked passwords, almost two million picked "123456", and over 1.2 million chose "111111". "iloveyou" and "lovely" both beat out "password", and while 40,000 chose "qwerty", 20,000 chose the bottom row of the keyboard instead - yielding the password "zxcvbnm"
Jason Hart of famous data protection firm Safenet said "The true impact of the breach is likely to be huge. Yet, if this data had been encrypted in the first place then all hackers would have found is scrambled information, rendering the theft pointless."
This security breach of Cupid Media reminds us  the decent history of breach where we have seen a slew of attacks against the following sites: Drupal.org  Scribd, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo,  Nvidia,Blizzard, Philips, Zynga, VMWare, Adobe,  Twitter,  New York Times, Apple and so on. While covering this story on behalf of VOGH, I am warning our readers across the globe to use strong alphanumeric passwords to avoid such disaster. Also the webmasters and security administrator are highly recommended to use salted encryption in their database to prevent fortuitousness cyber attack


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Scribd' World's Largest Document Sharing Website Admits Security Breach

Posted by Avik Sarkar On 4/11/2013 01:42:00 am

'Scribd' World's Largest Document Sharing Website Admits Security Breach 

Scribd- San Francisco-based document sharing site have fallen victim of cyber attack. Such kind of massacre is no doubt very much shameful for one of the world largest document sharing website which have more than 100 million of registered user. Like other largest companies, Scribd acknowledged the attack. In their official security announcement the company said that the operations team of Scribd have discovered and blocked suspicious activity on Scribd's network that appears to have been a deliberate attempt to access the email addresses and passwords of registered Scribd users. But the matter of relief is that only the 1% of its registered users have been affected during the hack. Immediately after this intrusion get spotted Scribd security team have emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password.  So, if you are a Scribd user and you did not receive such email from Scribd, then you are most likely unaffected.  If you still wish to check, you can use this web tool to determine if your account was among those affected. From the official announcement of Scribd, we came to know that the inertial investigation have already take place, which indicates that no content, payment and sales-related data, or other information were accessed or compromised. It has been  believed that the information accessed by the hackers was limited to general user information, which includes usernames, emails, and encrypted passwords.  Even though this information was accessed, the passwords stored by Scribd are encrypted (in technical terms, they are salted and hashed). Most of the users were therefore unaffected by this; however, the analysis shows that a small percentage may have had their passwords compromised. In an abundance of caution, it has been highly recommended for those affected users to reset their password and to change their password on any other services they might have used it on. 
At conclusion of the note, Scribd team did serious apology to its users while saying -"we would like to sincerely apologize for our failure to live up to our users' expectations in this instance. We’re incredibly disappointed that this happened and are committed to doing everything we can to prevent this from happening again. We will work harder than ever to ensure that we deserve the trust that our users place in us." 
While talking about big cyber attacks against large companies we would like to remind you in the last year we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  Nvidia,BlizzardPhilipsZyngaVMWare, Adobe Twitter  New York Times, Apple and so on. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Twitter Hacked, More Than 250,000 User Data Compromised

Posted by Avik Sarkar On 2/03/2013 01:55:00 am

Twitter Hacked, More Than 250,000 User Data Compromised

The social networking giant and the world famous micro blogging site Twitter again fallen victim of cyber attack. Last year we have seen that the tight security system if twitter have been compromised many times. Yet again in this year the San Francisco based social media giant who have more than 500 million registered users failed to protect them selves from hackers. On last Friday Twitter acknowledged that it had become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users. The micro blogging giant said in a blog posting that earlier this week it detected attempts to gain access to its user data. It shut down one attack moments after it was detected. According to reports usernames, email addresses, session tokens and encrypted/salted passwords for 250,000 users might have been accessed in what it described as a “sophisticated attack” 

"This attack was not the work of amateurs, and we do not believe it was an isolated incident,” said Bob Lord, Twitter’s director of information security. “The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked” Bob added. 

Jim Prosser, a Twitter spokesman, would not say how hackers infiltrated Twitter’s systems, but Twitter’s blog post said hackers had broken in through a well-publicized vulnerability in Oracle’s Java software. Last month, after a security researcher exposed a serious vulnerability in the software, though Oracle patched the security hole, but Homeland Security said the fix was not sufficient. The DHS issued a rare alert that warned users to disable Java on their computers. Prosser said Twitter was working with government and federal law enforcement to track down the source of the attacks. For now, he said the company had reset passwords for, and notified, every compromised user. The company encouraged users to practice good password hygiene, which typically means coming up with different passwords for different sites, and using long passwords that cannot be found in the dictionary.
Twitter said it “hashed” passwords — which involves mashing up users’ passwords with a mathematical algorithm — and “salted” those, meaning it appended random digits to the end of each hashed password to make it more difficult, but not impossible, for hackers to crack. Once cracked, passwords can be valuable on auction-like black market sites where a single password can fetch $20.

While talking about Twitter and cyber issues, I would like to remind you that in last year twitter faced several cyber attacks where more than 55,000 twitter account details was leaked, after this issue in the middle of last year the social networking giant faced massive denial of service which interrupted its services. Later a huge number of Twitter users across the globe received  emails warning that their account have been compromised and their passwords had been reset, and it was another security breach which affected twitter. Such big organization are not at all careless about security, so as twitter and it has been proved when they hired renowned white hat hacker Charlie Miller to boost up their security, but after this current massacre, it seems that twitter need to think more and emphasize a lot to make sure that their system is good enough to prevent cyber attacks. For all the hot cyber updates and reviews stay tuned with VOGH.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Facebook Started Enabling HTTPS by Default for North American Users

Posted by Avik Sarkar On 11/23/2012 07:08:00 pm

Facebook Started Enabling HTTPS by Default for North American Users

The social networking giant Facebook has started securing all data traffic to the social networking site using HTTPS by default. The change started rolling out to all North American users last week, while users in the rest of the world should see HTTPS enabled by default soon. This change will make HTTPS the default connection option for all Facebook sessions for those users, a shift that gives them a good baseline level of security and will help prevent some common attacks. Switching to HTTPS by default will mean that all connections and data, including cookies, will be transmitted over SSL in encrypted form and should no longer be able to be easily read and used for fraudulent purposes by attackers. While Facebook has used HTTPS connections to protect users' login credentials for some time, it only started offering an HTTPS option for the entire site in January 2011. The feature was not turned on by default and instead required users to manually enable the HTTPS option in their Facebook account settings.
Facebook users have had the option of turning on HTTPS since early 2011 when the company reacted to attention surrounding the Firesheep attacks. However, the technology was not enabled by default and users have had to in and manually make the change in order to get the better protection of HTTPS. 
Now, users will have to manually turn HTTPS off if they don't want it, a distinction that is a major change, especially for Facebook's massive user base, which has become a major target for attackers





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASA Laptop Theft Puts Thousands of Employees & Contractors at Risk

Posted by Avik Sarkar On 11/21/2012 01:17:00 am

NASA Laptop Theft Puts Thousands of Employees & Contractors at Risk

So far NASA have been targeted several times, where hackers penetrated the digital security. But here comes a bit different type of breach. A laptop with data on thousands of employees and contractors has been stolen from a NASA employee's car. NASA issued serious warning and it it informing its employees that a laptop computer with personnel information such as social security numbers was stolen from a locked car two weeks ago, potentially putting thousands of workers and contractors at risk. The laptop, issued to an employee at NASA headquarters in Washington, was password protected but its disk was not fully encrypted, making it relatively easy to access the information stored in that hard disk. This security breach  may affect thousands of employees and contractors at NASA facilities around the United States.
NASA has contracted a specialist consulting firm to identify and contact persons affected by the data breach, saying that the process could take up to 60 days due to the large amount of data. NASA Administrator Charlie Bolden banned the removal of unencrypted laptops containing sensitive information from any NASA facility and ordered security software upgrades to be finished by December 21. NASA has now instructed its employees to use full disk encryption (FDE) to lock down hard drives on all devices that process critical data by this 21st December. The agency also warned employees about storing sensitive data on smart phones and mobile devices. The agency is offering employees free credit-monitoring services and other support.
The laptop theft is the latest in a string of NASA security breaches over the past few years. In March, a Kennedy Space Center worker's laptop that contained personal information on about 2,300 employees and students was stolen. A NASA inspector general report this year determined 48 NASA laptops and mobile computing devices were lost or stolen between April 2009 and April 2011, many containing sensitive data.



-Source (Reuters)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

SecretLayer: Advanced Steganography Software [Pro Version Download Now]

Posted by Avik Sarkar On 10/31/2012 06:08:00 am

SecretLayer: Advanced Steganography Software [Pro Version Download Now]

Hackers, security professionals and also many other people who are involved in this cyber domain must be familiar with the term 'steganography'. I do believe that many of us have used this finest technique many times, may be some times for fun, or may be some nasty jobs. For those who are not so familiar with Steganography, then it is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. In very simple word its one of finest art of deception. For your information, now a days Steganography has been widely used, or I should say misused by many terrorist organizations for transmitting their hidden messages. One of the most dangerous changeless with Steganography is, researcher can detect whether an image or text is containing hidden message, but so far they can't unveil the inside message. 
Today we will talk about an advanced tool which is designed to tweak the color of specific pixels. The tool is named 'SecretLayer' which lets you encrypt your data (so you're no worse off than before) and then hide that encrypted data in ordinary images, like the ones used every day on all websites and email attachments. 

The Pro version of Secret Layer supports encryption of your data: -




  • Encryption type: AES, Key length: 128, 196, 256 (bits)
  • Encryption type: Blowfish, Key length: 128, 196, 256, 384, 448 (bits)
  • Encryption type: Cast-128, Key length: 40, 64, 128 (bits)
  • Encryption type: Cast-256, Key length: 128, 160, 192, 224, 256 (bits)
  • Encryption type: DES, Key length: 64 (bits)
  • Encryption type: IDEA, Key length: 128 (bits)
  • Encryption type: RC5, Key length: 64, 128, 192, 256, 384, 448, 512, 1024, 1536, 2040 (bits)
  • Encryption type: Twofish, Key length: 128, 192, 256 (bits)



    • A container with the encrypted data is hidden inside of an ordinary-looking image. This is all done automatically and in the background: you don't have to do anything extra. To download SecretLayer click Here. Earlier I told you that Steganography is on the finest way of hiding your secrete message, besides it contains many threats, as it has been widely used by criminals for transmitting messages. So far those hidden contains can not be decrypted easily. So now its upto you, that how will you use such tools. Remember one lesson which we have already learnt from a Famous movie SpiderMan, that is 'With greater power there comes greater responsibility...'. So I urge you not to use such tools for negative purposes. 






    SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

    Hacker Steals 3.6 Million South Carolina Social Security No & Also Exposed 387,000 Card Details

    Posted by Avik Sarkar On 10/29/2012 04:36:00 am

    Hacker Steals 3.6 Million South Carolina Social Security Number & Also Exposed 387,000 Card Details

    The year 2012 is going from bad to worse for the cyber space, as yet another big data breach happened which effected more than 4.7 million residents of South Carolina at risk of identity theft. Anyone who filed a South Carolina tax return in the past 14 years may have had their Social Security number stolen and has been urged by the state government to immediately enroll in consumer protection services. The U.S. Secret Service detected a security breach at the S.C. Department of Revenue on Oct. 10, but it took state officials 10 days to close the attacker’s access and another six days to inform the public that 3.6 million Social Security numbers had been compromised. The attack also exposed 387,000 credit and debit card numbers. The stolen data included other information people file with their tax returns such as names and addresses. Businesses’ taxpayer identification numbers also potentially have been comprised in the attack that is being described as one of the nation’s largest against a state agency. The hacker began accessing the Department of Revenue’s computer system in August, but wasn’t noticed by the Secret Service until October, giving him about two months to gather the data in what is one of the largest computer breaches in the US. Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data. Revenue director James Etter said none of the Social Security numbers were encrypted and about 16,000 credit card numbers were not encrypted.
    “The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” South Carolina Gov. Nikki Haley said during a news conference. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.” 
    S.C. Inspector General Patrick Maley said nine agencies had been evaluated thus far, and some corrective action had been taken. There was no overarching security policy within state government, he said. No one at the Revenue Department or within the state’s information technology division has been disciplined over the latest attack.  
    While this case of hacking was the largest in US history, it wasn’t the first. On March 30, 2012, officials in Utah discovered that one of their health department servers had been hacked. That time also a large number of Social Security numbers were stolen from the serverincluding those of children. Here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: AdobeGuild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  NvidiaBlizzard and  Philips. And after this breach Adobe also enlisted its name among those who was fallen victim to cyber criminals in this year. For all the latest on cyber security and hacking related stories; stay tuned with VOGH




    SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

    Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor

    Posted by Avik Sarkar On 10/16/2012 07:34:00 pm

    Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor 

    Whonix, which is earlier called TorBOX or aos; now been reintroduced with a new style. This time we got a complete anonymous general purpose Operating System based on Virtual Box, Debian GNU/Linux and Tor.  According to the project wiki page - in Whonix IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two virtual machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. 

    We request our reader to See Security for a more comprehensive description, security features and threat model. You can even go through with full change log and also download the source code from github

    Key Features:- 

    • Adobe Flash anonymously
    • browse the web anonymously
    • Anonymous IRC
    • Anonymous Publishing
    • Anonymous E-Mail with Mozilla Thunderbird and TorBirdy
    • Add a proxy behind Tor (Tor -> proxy)
    • Based on Debian GNU/Linux.
    • Based on the Tor anonymity network.
    • Based on Virtual Box.
    • Can torify almost any application.
    • Can torify any operating system
    • Can torify Windows.
    • Chat anonymously.
    • Circumvent Censorship.
    • DNSSEC over Tor
    • Encrypted DNS
    • Full IP/DNS protocol leak protection.
    • Hide the fact that you are using Tor/Whonix
    • Isolating Proxy
    • Java anonymously
    • Javascript anonymously
    • Location/IP hidden servers
    • Prevents anyone from learning your IP.
    • Prevents anyone from learning your physical location.
    • Private obfuscated bridges supported.
    • Protects your privacy.
    • Protocol-Leak-Protection and Fingerprinting-Protection
    • Secure And Distributed Time Synchronization Mechanism
    • Security by Isolation
    • Stream isolation to prevent identity correlation through circuit sharing
    • Virtual Machine Images
    • VPN/Tunnel Support
    • Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from  The Tor Project about quality, suitability or anything else.
    • Transparent Proxy
    • Tunnel Freenet through Tor
    • Tunnel i2p through Tor
    • Tunnel JonDonym through Tor
    • Tunnel Proxy through Tor
    • Tunnel Retroshare through Tor
    • Tunnel SSH through Tor
    • Tunnel UDP over Tor
    • Tunnel VPN through Tor
    To Download Whonix-0.4.5 Click Here. Before download please note that Whonix is produced independently from the Tor anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else. 






    SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

    Related Posts Plugin for WordPress, Blogger...

    Site search